All posts by chris.vandersluis

Security resources for TimeControl are plentiful

Here at TimeControl Headquarters, we think about security all the time.  Security for modern day applications is a multi-faceted conversation.  We have to think about keeping TimeControl safe of course and that effort goes all the way into the architecture as we think about database access, application protection and more.  With TimeControl Online we have to consider the environment as well including the servers, malware protection, monitoring and more.

Aside from keeping the application and its underlying structure safe, we have to also think about security from an application standpoint.  TimeControl’s internal security includes everything from authentication and single-sign-on to data access, menu control and down-to-the-field level controls on every aspect of the product.

We use the OWASP security standards to test TimeControl and test for any vulnerabilities and eliminate them before TimeControl users would ever encounter them.

Aside from our own testing, we have a third party conduct a security audit to ensure we are SOC II certified.

Because TimeControl is available both for an on-premise deployment or as TimeControl Online, our Software as a Service subscription in the Cloud, there are different resources for thinking about TimeControl security.  Take a look at the TimeControl On Premise Security Architecture or the TimeControlOnline Security Architecture white papers for an in-depth look at security or stop by the TimeControl Security page for more information.

TimeControl flexibility happens at every level

We often talk about the flexibility of TimeControl.  As a multi-purpose, multi-function timesheet and project system, it really has to be.  Over the many years TimeControl has been on the market, we have never met two companies who want to use it in exactly the same way.  So, the ability to configure the system to adapt to work flow, approvals, functions that are visible, tables that are used and even down to the field level selections are all part of the flexibility philosophy with the TimeControl team.

Flexibility in TimeControl extends not just in how you configure TimeControl but all the way down the line to the end user.

Where we work with administrators on how they would like to integrate TimeControl with other systems and what fields of data to show and not, even end users get choices about how to personalize and customize TimeControl.  Here are just a few ways individuals can modify their TimeControl experience:

Timesheet configuration

By selecting the Options in the timesheet, end users can change the field order, what fields are visible and how to sort the fields.  End users can choose to group their timesheet lines hierarchically if they have many entries or to sort entries however they wish.  Don’t want to see weekend days?  No problem, that’s changeable right in the options and TimeControl will remember the preference for each user.  Right on the timesheet, users can change the order of fields or change the width of fields to suit them.

Also in options is the ability to Wrap the headers of each column and to show line numbers or an on-line access to Line item Notes along with an indicator to show if that line has notes entered already.  In the same options screen users can even select the day/date format to show at the top of the entry columns.

Language and Dashboards

In the MyAccount area, users can select what language they would like TimeControl to be presented in.  More comfortable in French? No problem.  Spanish?  No problem.  This is a user-level selection so only this user’s interface will change.  Users might also change which dashboard they can see (If Administrators have allowed this) or what they would like their starting page to be both for TimeControl and TimeControl Project.

Preloading

Aside from Resource Assignment Pre-loading which might or not be in use for an organization, end users can also select what timesheet lines they would like to always automatically be preloaded.  So, if a user has meetings virtually every week, they can elect to always show a “Meetings” line item without having to add it all the time.  There are other options too for defaults and pre-answering questions that a users always answers the same way such as do they want to send a notification to their supervisor when they release their timesheet.

It’s all part of the same underlying philosophy with the TimeControl team.  End users should be able to be as efficient as possible in the product.  But in the background, all the functionality that we talk about so often is kept away from them having to wade through.

For more on flexibility, see the TimeControl website at TimeControl.com/features/flexibility.

New Online TimeControl Report Designer Course

We’re very excited to announce the availability of a new multi-part video training course on the use of the TimeControl Report Designer.  Created by the HMS Technical Staff, the course comes in 12 bite-sized 3-5 minute sections and covers how to create your first TimeControl Report from scratch and how clean up the formatting so it’s ready for production.

The course video sections can all be downloaded so if you’d prefer to keep the files onsite or on your own system for later reference, that’s easy to do.

You’ll find the new TimeControl Report Designer Course at: TimeControl.com/resources/online-training/timecontrol-rw.

Additional video training for TimeControl and TimeControl Project can be found at TimeControl.com/resources/online-training and many other resources can be found on the Resources Page at: TimeControl.com/resources.

Data Sovereignty matters more and more

When we started with TimeControl, the location of the client’s data had nothing to do with us.  We published the software with an on-premise license and the client decided where to install the product and where to locate the data.  The location, security and access to that data was completely decided by the client.  With the release of TimeControl Online a dozen years ago, that all changed.  TimeControl Online’s data was originally stored only in the US but as Software as a Service (SaaS) became more popular in medium to large corporate environments, the location suddenly became more an issue.

As it has with so many changes to the technical world, TimeControl adapted.  The TimeControl Data Location option, allows a client for a fee to decide from a wide range of countries where to locate their data.  The option is well established in our own technical department and has been taken advantage of over the years by clients requesting their data be stored and secured in Canada, the United Kingdom, and the European Union.  There are other countries and regions that can be supported as well including Brazil, South Africa, Israel, the United Arab Emirates, India, Australia, Japan and others.

The TimeControl Data Location option goes beyond just storing the data.  At HMS we understand data sovereignty.  So, when this option is used, we don’t backup or transport data to any other location outside the country or region where it is located.  We also don’t ever read client data directly from our Canadian offices in Montreal without a client’s direct request.  And, when the Data Location option is involved, we work with the client on how to access the data through their own systems to achieve whatever might be required to help with support or features.

HMS does manage these remote servers of course. We monitor all our Data Location servers just the way we do with the US-based servers on a 24×7 basis. We also handle all the upgrades and updates directly but that is an application-based update, the TimeControl application then handles upgrading the data locally in each location on its own.

Storing the data and self-restricting our access to the data is only part of the data sovereignty conversation.  It is then up to the client themselves to determine which users can access TimeControl and from where.  For global companies, that can take some thinking to make sure that both data sovereignty and user privacy are respected.

The Data Location option is available to TimeControl Online and TimeControl Industrial Online clients at any time.  If this is of interest to you, contact your TimeControl Account Executive at: TimeControl.com/contact

The TimeControl Evolve Program brings your on-premise data to the cloud

The TimeControl Evolve program enables TimeControl on-premise clients to easily migrate to TimeControl Online.  And, it’s a lot more than that.

First of all, TC Evolve is designed to enable TimeControl on-premise clients to migrate to TimeControl Online, our TimeControl Software as a Service (SaaS) subscription in the Cloud.  The evolve program is an inexpensive and effective way to move your TimeControl system into the cloud.  It works for both TimeControl Online and TimeControl Industrial Online.

TimeControl on-premise has been sold since 1994 and there are many on-premise clients out there.  It’s true that most of our sales these days are for TimeControl Online but TimeControl on-premise is still sold and supported and will be for as far into the future as we can see.

In the last few years, more and more on-premise clients are thinking about what it would take to move their TimeControl system into our SaaS model.  The number one concern is how much their TimeControl will change.

If you are using the most current version of TimeControl or TimeControl Industrial on-premise, then there is no change to how will be online.  That’s because we committed years ago to keeping the source base of both on-premise and on-line systems the same.  That’s a big deal.  So, features that work for you in the on-premise version, work just the same in the online version!

The second concern prospective migrators have is what about their current configuration and their existing data.  While you could always start fresh, clients don’t. HMS helps them move 100% of their existing configuration and existing TimeControl data to TimeControl Online.

There are many advantages to migrating to a TimeControl Online subscription:

  1. First, all maintenance of TimeControl is handled by HMS. We do all the server, database, malware prevention and application upgrades for you.
  2. TimeControl Online is upgraded automatically by HMS. You will no longer have to be concerned about upgrades.  HMS takes care of all updates, upgrades and new version installation centrally on the TimeControl Online servers.
  3. Continuous monitoring is handled for you. TimeControl Online is monitored 24x7x365.  We are looking at the system continuously and are proud of our 99.9%+ uptime since the service was first launched in 2011.
  4. TimeControl Online and TimeControl on-premise are the same code. That means that all functionality that you know and love in TimeControl on-premise is already in TimeControl Online.
  5. Data backups and disaster recovery is already included. TimeControl Online is backed up daily and you can even download your own database backup in case you want to be sure to have control over it.  Disaster recovery is layered to handle issues of different scales and types.
  6. TimeControl Online is highly secure. We follow the OWASP standards for testing and our data is housed by Amazon Web Services in highly secure facilities.  Our SOC II certification let’s you know that our security protocols have been examined and audited by external third parties and deemed secure.
  7. TimeControl Project is an optional part of TimeControl Online and TimeControl Industrial Online and is not available with TimeControl on-premise.  Moving to TimeControl Online means you can elect to use TimeControl Project.

The TimeControl Evolve program will let you migrate your TimeControl on-premise licenses to the cloud and we won’t charge the subscription until your current support contract expires.  There is no subscription cost for the entire remainder of your already active support contract.  If you just updated your technical support for your TimeControl on-premise today, then that’s a whole year of TimeControl Online for free.

Free.

When you sign up for the Evolve program we are available to assist you in migrating all your existing data to TimeControl Online.  If you haven’t upgraded your TimeControl on-premise to the most current version, then we can help do the upgrades to ensure that the data you have will immediately migrate to the online version.  We can also advise you on maintaining or enhancing your links to external systems such as Project Management tools, Finance, Payroll, ERPs and more.

Everyone’s situation is different.  If you’d like to talk to one of our Account Specialists about whether the TimeControl Evolve program is right for you, contact us at: https://www.timecontrol.com/contact or email us at info@hms.ca.

See Choosing Timesheets our latest webcast from HMS Software

We’ve just posted a new webcast on a subject that we are asked about often.  How does one go about choosing a timesheet and why is what sounds like a simple exercise so common.  Our President, Chris Vandersluis goes through the answer as well as showing how to overcome the challenge of choosing multiple timesheets.

You can also see the slides from this presentation at TimeControl.com/pdf/presentations/choosingtimesheets.pdf.

For more webcasts, see the TimeControl Webcast page.

TimeControl uses hierarchies to manage huge volumes of charges

One challenge we faced when first creating TimeControl were the types of projects that we were presented with.  We’d seen other timesheets which could handle a dozen possible charge types on a timesheet. They’re still quite common.  That’s not at all what we were facing.  Our earliest clients described projects with hundreds, thousands or even tens of thousands of tasks each.  One client explained that they had over 50,000 active projects world-wide that they expected to load into the system and each project had approximately 1,000 tasks.

The idea that a user would scroll page after page looking for a possible task to charge their time against was a no-starter.

So TimeControl evolved with several possible methods of reducing what end-users would be presented with.  We introduced pre-loading, dynamic filters and assignment selections but perhaps the most powerful tool for displaying high volumes of data in a digestible format was the notion of hierarchies.

The idea of breaking down tasks into groupings and sub-groupings wasn’t new.  The very project management tools we wanted to integrate with already used the idea of Work Breakdown Structures for large projects.  So we incorporated the concept into TimeControl.

At the end user level, the idea is very straightforward.  The possible charge codes that an end user has access to are presented in a breakdown.  The most simple would be just like a project system using a delimited charge code with each period being a new level.  This is amazingly effective.

But TimeControl doesn’t stop there.

The Charge Table can be organized with not one but multiple hierarchy definitions.  Let’s say that for some users, breaking the charges down by location, then billing status then priority is the way to go.  For others perhaps breaking the charges by billable then capitalizable makes more sense.  TimeControl’s hierarchies format can define multiples and end users can select the hierarchy that makes most sense to the.

We didn’t stop there.  The selection of Rates can use the same type of hierarchy structure as can the selection of Employees in other parts of the product.

TimeControl Hierarchies take massive lists of possible data and breaks it down to bite-sized selections.

Why is the Drill Down Analyzer one of the most popular TimeControl features?

It’s not a big mystery. The Drill Down Analyzer is one of the most popular features in TimeControl. To be fair, there are many features that are often mentioned by users when talking about TimeControl including the remarkable level of flexibility or the integrations already included or that can be created inside the product but once those features are configured; once the flexibility has been taken advantage of to configure TimeControl; those things fall into the background of every day operations.

The Drill Down Analyzer is the most popular go-to feature for administrators who work with TimeControl regularly.

So what is it?

The Drill Down Analyzer is a spreadsheet-like reporting mechanism that allows the user to create multiple definitions of fields called Views and then display that data based on any filter desired. There is no limit to the number of Drill Down Analyzer Views that can be created and TimeControl even allows for those Views to be either public or private to keep the number of them under control.

The user then selects a View, clicks Load and then takes advantage of any appropriate filter defined in the product. That can include a dynamic filter such as “Select a Project” where the user then selects a project or selects a range of dates or any other definition that you wish to constrain the data by. The Drill Down Analyzer then loads all the fields in the View.

But that’s just the start.

Just like many spreadsheet views, the Drill Down Analyzer will happily sort the View by clicking on any column header. Much more fun is to drag a column header to the Sub-total bar and instantly all the data is grouped and sub-totaled by that field. Drag a second field up and there are now Groupings, sub-groupings and sub-totals. Drag a third field and, yes – you guessed it, there are now groupings, sub-groupings and sub-sub-groupings with sub totals.

This is a stunningly powerful feature.

An end-user can use the grouping and filtering of data to answer some questions that might have taken ages. “This year, how many hours were spent on internal non-billable meetings by the technical staff?” That could be a few days of work if done manually or hours of work in most other systems. Using the Drill Down Analyzer, it’s a list of posted data that probably doesn’t even need to defined as it’s used all the time, select a range of dates when loading then group by internal (a user defined charge field) and billable (another user defined charge field) and you’ve got your answer in seconds, not hours.

As with all things TimeControl, the Drill Down Analyzer is always compliant with data security based on the User Profile so you don’t have any risk of seeing something you’re not supposed to see. It’s a remarkable feature and it’s a TimeControl Admin favorite.

 

Making your TimeControl timesheet entry more effective with preloading

One element of TimeControl we are always sensitive to is that end-users are not usually excited to do a timesheet.  We don’t have illusions about this.  But we do see how we can make timesheets the least intrusive and the least interruption possible for end-users.

One way we do this is to optionally pre-load the timesheet with work that is expected.  There are some rules about pre-loading that are important to know so let’s go through the pre-loaded options and constraints here.

Resource assignments

The most common type of pre-loading are for resource assignments.  We take information that is taken either from an import of assignments from an external project management system or from internal assignments in either TimeControl or TimeControl Project.  Then we present those assignments into the relevant timesheets at the moment the timesheet is created.  Filters are often used to avoid loading a week’s timesheet with every assignment for an entire project.  Filters usually incorporate start and finish dates and take into account the assignment status so closed charges don’t appear.

This has the effect of loading all the work that an employee was expected to do in the relevant timesheet for the week.

Personal Pre-loads

In addition to the resource assignments that will likely change from week to week, each users can also set personal preferences in their My Account area.  These personal-preloads can insert charge codes into a new timesheet that would typically always appear.  Perhaps “Meetings” is virtually always on someone’s timesheets but it is not a project management assignment.  Having this as a personal pre-load means not having to pull up a list of internal charge codes and finding “Meetings”.

TimeRequests for time off

When a user creates a TimeRequest for time off in the future such as for vacation, their supervisor can approve that time.  Once approved, TimeControl will treat the TimeRequest as a preloaded task and unlike other types of preloads will also insert the time.  This line item can be overwritten or even deleted if it turns out the employee actually came into work that week despite their approved vacation.

Autofill

Autofill is most typically used at the end of the timesheet cycle and can create timesheets and load them with entries that include charges and hours for a particular group of people.  Then the timesheet can remain in draft or be posted or moved along the approval cycle.  This is particularly useful when there are non-project personnel who only enter timesheets “by exception” for example to only track sick leave or personal time off.  However, the functionality doesn’t have to be used at the end of the cycle.  The function can be created to load new timesheets in advance of the timesheet cycle.  In this case, the timesheet can be optionally preloaded with default tasks and even time.

Why don’t we load the expected times for resource assignments?

These days, one question we’re asked is why we don’t use AI to preload all the expected times based on the schedule of the project management system.  While we certainly have the capabilities to do this, we will not. The problem with using any automated algorithm to preload the timesheet with values is that the algorithm will become responsible for the values, not the person.  Not only will that make the timesheet unauditable but it violates numerous standards for timesheet entry by people like the tax department for research credits, the DCAA and others.  Remember, TimeControl is often used for payroll or for billing purposes.  Turning that functionality over to an algorithm would be a huge concern.

“But just present it and employees will only click ‘Ok’ if they approve it,” we’ve been told.  Even this is problematic.  The temptation to just click Ok will be overwhelming and we’ve refused to add such functionality as a result.  Ultimately, while, we’re keen to have the process be as easy as possible, having the data be of good quality is a higher priority.

 

The No-rates TimeControl Scenario

While TimeControl’s rate architecture is extensive, there are some clients who do not need to use it. There may be numerous reasons for a client to decide on a no-rates approach. Perhaps rates are already managed elsewhere such as in a payroll system. ‘If we just got the accurately categorized hours,’ they say, we could easily do the rates calculations here in payroll where the rates exist already. Perhaps the client doesn’t need a ‘down-to-the-dollar’ standard. It might be enough for them to use hours and an averaged rate calculation directly in a project system. Perhaps tying to multiple rates is a phase of using TimeControl that is planned for the future.

TimeControl’s flexibility isn’t restricted to how to handle complex timesheet elements. It can also be used to make some features simpler or to eliminate the feature altogether. ‘But wait,’ you might say. ‘Aren’t rates a required element of TimeControl?’ Yes they are. But the need to display them can easily be configured away.

Here’s how to create a no-rates approach:

First, create only a single global rate. Let’s call the rate code “S” for Standard” and let’s give it a value of $1.00. That can come in handy later. Now every hour will equate to $1.00 dollar worth of time. Since this single rate is a global type, it will be visible to all employees.

Next, make the ‘S’ rate the default for all employees. If you haven’t entered any employees yet, then putting the ‘S’ default rate into the Default Employee Table Template will have that ‘S’ standard rate automatically appear for everyone. Make sure that the ‘S’ rate is applied to all employees. Now the ‘S’ standard rate will be inserted into every single timesheet line including those created by AutoFill or TimeRequest. And that rate will be inserted whether the field is shown or not!

Finally, in User Profiles, hide both the Rate Code and Rate Description fields for all timesheet entry users.

That’s it. You now have configured TimeControl so that users will not see the rate code but it will be created and for all users and all timesheet lines, the value of each hour will be 1 dollar. Rates are hidden but they are being used properly.

This means that all standard reports that might have used rate cost values will now show just the hour values because of using one dollar per hour for the rate. You can relabel those reports to use for other purposes.

Remember that the rates functionality hasn’t gone away, it’s just been masked and, moreover, while we’ve just described how to create a no-rates system for everyone, you could elect to have this for only some employees while other TimeControl users would use rates in a more traditional fashion. All that would be needed is to ensure the User Profiles for the no-rates approach and for other employees are different.

To read more about TimeControl’s different rate scenarios and how to create your own rate structure, read the White Paper “Creating your Rate Structure” on the TimeControl White Papers Resource page at: TimeControl.com/resources/whitepapers.